What the vulnerability does

01Description

SAP Customer Data Cloud (Gigya mobile app for Android) - version 7.4, uses insecure random number generator program which makes it easy for the attacker to predict future random numbers. This can lead to information disclosure and modification of certain user settings.

Key dates

02Disclosure timeline

October 11, 2022 CVE published
May 20, 2025 Record updated